The SMS Provider is a dynamic-link library file (smsprov.dll) that you install or uninstall by running System Center 2012 Configuration Manager Setup. At each Configuration Manager site, you can re-run Setup to change the SMS Provider configuration. To remove the last SMS Provider for a site, you must uninstall the site.

You can monitor the installation or removal of the SMS Provider by viewing the ConfigMgrSetup.log in the root folder of the site server on which you run Setup.

Run Configuration Manager Setup from <Configuration Manager site installation folder>\BIN\X64\setup.exe.

On the Getting Started page, select Perform site maintenance or reset this site, and then click Next

On the Site Maintenance page, select Modify SMS Provider configuration, and then click Next.

On the Manage SMS Providers page, select one of the following options and complete the wizard by using one of the following options:

To add an additional SMS Provider at this site:

Select Add a new SMS Provider, specify the FQDN for a computer that will host the SMS Provider and does not currently host a SMS Provider, and then click Next.

To remove an SMS Provider from a server:

Select Uninstall the specified SMS Provider, select the name of the computer from which you want to remove the SMS Provider, click Next, and then confirm the action.

Tip

To move the SMS Provider between two computers, you must install the SMS Provider to the new computer, and remove the SMS Provider from the original location. There is no dedicated option to move the SMS Provider between computers in a single process.

After the Setup Wizard finishes, the SMS Provider configuration is completed. On the General tab in the site Properties dialog box, you can verify the computers that have an SMS Provider installed for a site.

The user account that runs the Configuration Manager console requires permission to access the site database by using the SMS Provider. However, an administrative user who uses a remote Configuration Manager console also requires Remote Activation DCOM permissions on the site server computer and on the SMS Provider computer.

The SMS Admins group grants access to the SMS Provider and can also be used to grant the required DCOM permissions.

Important

The Configuration Manager console uses Windows Management Instrumentation (WMI) to connect to the SMS Provider, and WMI internally uses DCOM. Therefore, Configuration Manager requires permissions to activate a DCOM server on the SMS Provider computer if the Configuration Manager console is running on a computer other than the SMS Provider computer. By default, Remote Activation is granted only to the members of the built-in Administrators group. If you allow the SMS Admins group to have Remote Activation permission, a member of this group could attempt DCOM attacks against the SMS Provider computer. This configuration also increases the attack surface of the computer. To mitigate this threat, carefully monitor the membership of the SMS Admins group. For more information about the security risks associated with allowing remote activation, see DCOM Security Enhancements in Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1.

Use the following procedure to configure each central administration site, primary site server, and each computer where the SMS Provider is installed to grant remote Configuration Manager console access for administrative users.

Note

The following procedure applies to Windows Server 2008 R2. If you have a different operating system version, refer to the documentation for your version about how to configure DCOM permissions if you cannot use the steps in this procedure.

In the My Computer Properties dialog box, on the COM Security tab, in the Launch and Activation Permissions section, click Edit Limits.

In the Launch and Activation Permissions dialog box, click Add.

In the Select User, Computers, Service Accounts, or Groups dialog box, in the Enter the object names to select (examples) box, type SMS Admins, and then click OK.

Note

You might have to change the setting for From this Location to locate the SMS Admins group. This group is local to the computer when the SMS Provider runs on a member server, and is a domain local group when the SMS Provider runs on a domain controller.

Configuration Manager Setup does not create or configure the SQL Server cluster. The clustered SQL Server environment must be configured before it can be used to host the site database. When you use a SQL Server cluster, Configuration Manager automatically checks each hour for changes to the SQL Server cluster node. Changes in the configuration of the SQL Server node that affect Configuration Manager component installation, such as a node failover or the introduction of a new node to the SQL Server cluster, are automatically managed by Configuration Manager.

Note

When you use a clustered SQL Server instance to host the site database, the TCP/IP network communication protocol must be enabled for each SQL Server cluster node network connection. This is required to support Kerberos authentication. The named pipes communication protocol is not required, but can be used to troubleshoot Kerberos authentication issues. The network protocol settings are configured in SQL Server Configuration Manager under SQL Server Network Configuration.

Clustered SQL Server environments allow for failover support for the virtual SQL Server, and provide greater reliability for the site database. However, a site database on a clustered SQL Server configured for failover support does not provide additional processing or load balancing benefits and in fact, degradation in performance can occur. This is because the site server must find the active node of the SQL Server cluster before it connects to the site database.

When you use a clustered SQL Server database to host the site database, install the SMS Provider on the site server or on a separate computer that does not host a SQL Server cluster node. It is not supported to install an instance of the SMS Provider on a SQL Server cluster or a computer that runs as a clustered SQL Server node.

Use the following procedures to install the Configuration Manager site database for a central administration site or primary site, using a clustered virtual SQL Server instance during setup.

Note

During Configuration Manager Setup, the Volume Shadow Copy Service (VSS) writer will install on each physical computer node of the Microsoft Windows Server cluster to support the Backup Site Server maintenance task.

Create the virtual SQL Server cluster to host the site database on an existing Windows Server cluster environment. For specific steps to install and configure a SQL Server cluster, see the documentation specific to your version of SQL Server. For example, if you are using SQL Server 2008 R2, see Installing a SQL Server 2008 R2 Failover Cluster.

On each computer in the SQL Server cluster you can place a file with the name NO_SMS_ON_DRIVE.SMS in the root folder of each drive where you do not want Configuration Manager to install site components. By default, Configuration Manager installs some components on each physical node to support operations such as backup.

Add the computer account of the site server to the Local Administrators group of each Windows Server cluster node computer.

In the virtual SQL Server instance, assign the sysadmin SQL Server role to the user account that runs Configuration Manager Setup.

On the Database Information page, specify the name of the clustered virtual SQL Server instance that will host the site database, in place of the name of the computer that runs SQL Server.

Important

During setup, you must enter the name of the virtual SQL Server cluster instance, and not the virtual Windows Server name created by the Windows Server cluster. Installing the site database using the Windows Server cluster virtual instance name will result in the site database being installed on the local hard drive of the active Windows Server cluster node, and it will prevent successful failover if that node fails.

Complete the remainder of the Setup Wizard normally, to install Configuration Manager using a clustered SQL Server instance.

Create the virtual SQL Server cluster to host the site database on an existing Windows Server cluster environment. For specific steps to install and configure a SQL Server cluster, see the documentation specific to your version of SQL Server. For example, if you are using SQL Server 2008 R2, see Installing a SQL Server 2008 R2 Failover Cluster.

On each computer in the SQL Server cluster you can place a file with the name NO_SMS_ON_DRIVE.SMS in the root folder of each drive where you do not want Configuration Manager to install site components. By default, Configuration Manager installs some components on each physical node to support operations such as backup.

Add the computer account of the site server to the Local Administrators group of each Windows Server cluster node computer.

In the virtual SQL Server instance, assign the sysadmin SQL Server role to the user account that runs Configuration Manager Setup.

On the site server, start the local copy of Configuration Manager Setup and on the Getting Started page, select Perform site maintenance or reset this Site, and then click Next.

On the Site Maintenance page, select Modify SQL Server configuration, and then click Next.

On the Database Information page, specify the name of the clustered virtual SQL Server instance to host the site database, and then click Next.

Complete the Wizard to complete the move of the database to the virtual SQL Server cluster.

To use custom locations for files when you use System Center 2012 Configuration Manager with no service pack or with SP1, you can pre-create a SQL Server database that uses non-default file locations. Next, when you install a site, direct the site to use this pre-created database. You cannot specify custom file locations during the install of a site when you use either version of Configuration Manager to create the site database.

Beginning with System Center 2012 R2 Configuration Manager, when you install a new primary site or central administration site, you can specify non-default file locations and Configuration Manager will create the site database using these locations. Optionally, you can still pre-create a SQL Server database that uses non-default file locations and then when you install the site specify that the site use that pre-created database.

Note

The option to specify non-default file locations is not available when you use a SQL Server cluster.

Also, you can change the location of the site database files after a site installs. To change the location of files after the site installs, you must stop the Configuration Manager site and then edit the file location in SQL Server. Use the following procedure at an installed site to move the file location within an instance of SQL Server.

On the Configuration Manager site server, stop the SMS_Executive service.

Use the information about moving user databases for the version of SQL Server that you use. For example, if you use SQL Server 2008 R2, see Moving User Databases in the online documentation library for SQL Server 2008 R2.

After you complete the database file move, restart the SMS_Executive service on the Configuration Manager site server.

After you install a site, you can modify the configuration of the site database and site database server by running Setup on a central administration site server or primary site server. It is not supported to modify the database configuration for a secondary site.

Note

When you modify the database configuration for a site, Configuration Manager restarts or reinstalls Configuration Manager services on the site server and remote site system servers that communicate with the database.

To modify the database configuration, you must run Setup on the site server and select the option Perform site maintenance or reset this site. Next, select the Modify SQL Server configuration option. You can change the following site database configurations:

The Windows-based server that hosts the database.

The instance of SQL Server in use on a server that hosts the SQL Server database.

The database name.

SQL Server Port in use by Configuration Manager

SQL Server Service Broker port in use by Configuration Manager

You can move the site database to a new instance of SQL Server on the same computer, or to a different computer that runs a supported version of SQL Server. If you move the site database, you must configure the following:

When you move the site database to a new computer, add the computer account of the site server to the Local Administrators group on the computer that runs SQL Server. If you use a SQL Server cluster for the site database, you must add the computer account to the Local Administrators group of each Windows Server cluster node computer.

When you move the database to a new instance on SQL Server, or to a new SQL Server computer, you must enable common language runtime (CLR) integration. To enable CLR, use SQL Server Management Studio to connect to the instance of SQL Server that hosts the site database and run the following stored procedure as a query: sp_configure ‘clr enabled’,1; reconfigure.

After you have installed the Configuration Manager site, use the information in the following sections to help you manage a site database configuration. For information about planning site database configurations, see Planning for Database Servers in Configuration Manager.

When you configure SQL Server to use the local system account to run SQL Server services, a Service Principal Name (SPN) for the account is automatically created in Active Directory Domain Services. When the local system account is not in use, you must manually register the SPN for the SQL Server service account.

You can register an SPN for the SQL Server service account of the site database server by using the Setspn tool. You must run the Setspn tool on a computer that resides in the domain of SQL Server, and it must use Domain Administrator credentials to run.

Use the following procedures as examples of how to manage the SPN for the SQL Server service account that uses the Setspn tool on Windows Server 2008 R2. For specific guidance about Setspn, see Setspn Overview, or similar documentation specific to your operating system.

Note

The following procedures reference the Setspn command-line tool. The Setspn command-line tool is included when you install Windows Server 2003 Support Tools from the product CD or from the Microsoft Download Center. For more information about how to install Windows Support Tools from the product CD, see Install Windows Support Tools.

On the Start menu, click Run, and then enter cmd in the Run dialog box.

At the command line, navigate to the Windows Server support tools installation directory. By default, these tools are located in the C:\Program Files\Support Tools directory.

Enter a valid command to create the SPN. To create the SPN, you can use the NetBIOS name or the fully qualified domain name (FQDN) of the computer running SQL Server. However, you must create an SPN for both the NetBIOS name and the FQDN.

Important

When you create an SPN for a clustered SQL Server, you must specify the virtual name of the SQL Server Cluster as the SQL Server computer name.

To create an SPN for the NetBIOS name of the SQL Server computer, type the following command: setspn –A MSSQLSvc/<SQL Server computer name>:1433 <Domain\Account>

To create an SPN for the FQDN of the SQL Server computer, type the following command: setspn -A MSSQLSvc/<SQL Server FQDN>:1433 <Domain\Account>

Note

The command to register an SPN for a SQL Server named instance is the same as that you use when you register an SPN for a default instance except that the port number must match the port that is used by the named instance.

On the Log on tab, select This account, and then enter the user name and password for the domain user account created in step 1, or click Browse to find the user account in Active Directory Domain Services, and then click Apply.

Click Yes in the Confirm Account Change dialog box to confirm the service account change and restart the SQL Server Service.

Use the Configuration Manager Service Manager to control System Center 2012 Configuration Manager services and to view the status of any Configuration Manager services or threads (referred to collectively as Configuration Manager components). Configuration Manager components can run on any site system. Components are managed the same way that you manage services in Windows; you can start, stop, pause, resume, or query Configuration Manager components.

A Configuration Manager service runs when there is something for it to do (typically, when a configuration file is written to a component's inbox). If you have to identify the component involved in an operation, you can use the Configuration Manager Service Manager to manipulate various Configuration Manager services and threads and then view the resulting change in the behavior of Configuration Manager. For example, you can stop Configuration Manager services one at a time until a particular response is eliminated. Doing so enables you to determine which service causes the behavior.

In the Configuration Manager console, click Monitoring, expand System Status, and then click Component Status.

On the Home tab, in the Component group, click Start, and then select Configuration Manager Service Manager.

When the Configuration Manager Service Manager opens, connect to the site that you want to manage.

If you do not see the site that you want to manage, click Site, click Connect, and then enter the name of the site server of the correct site.

Expand the site and navigate to Components or Servers depending on where the components that you want to manage are located.

In the right pane, select one or more components and then on the Component menu, click Query to update the status of your selection.

After the status of the component is updated, use one of the four action-based options on the Component menu to modify the components operation. After you request an action, you must query the component to display the new status of the component.

Close the Configuration Manager Service Manager when you are finished modifying the operational status of components.

Configuration Manager uses a site reset to reapply the default file and registry permissions on a primary or central administration site server and to reinstall site components at a site. Secondary sites do not support a site reset. You can perform a manual site reset to restore these settings, and Configuration Manager runs a site reset automatically after you make a configuration change that requires this action.

For example, if there has been a change to the accounts used by Configuration Manager components, a manual site reset ensures the account details used by the components are correct and resets the access control lists (ACLs) used by remote site systems to access the site server. Or, if you modify the client or server languages that a site supports, Configuration Manager automatically runs a site reset because the reset is required before a site can use this change.

Note

A site reset does not reset access permissions to non-Configuration Manager objects.

Important

A site reset reinstalls all site system roles at a site.

During a site reset, Setup stops and restarts the SMS_SITE_COMPONENT_MANAGER service and the thread components of the SMS_EXECUTIVE service. Additionally, Setup removes, and then re-creates, the site system share folder and the SMS Executive component on the local computer and on remote site system computers. After Setup reinstalls the SMS_SITE_COMPONENT_MANAGER service, this service installs the SMS_EXECUTIVE and the SMS_SQL_MONITOR services. In addition, a site reset restores the following objects:

The SMS or NAL registry keys, and any default subkeys under these keys.

The Configuration Manager file directory tree, and any default files or subdirectories in this file directory tree.

The account that you use to perform a site reset must have the following permissions:

Central administration site: The account that you use to run a site reset at this site must be a local administrator on the central administration site server and must have privileges that are equivalent to the Full Administrator role-based administration security role.

Primary site: The account that you use to run a site reset at this site must be a local administrator on the primary site server and must have privileges that are equivalent to the Full Administrator role-based administration security role. If the primary site is in a hierarchy with a central administration site, this account must also be a local administrator on the central administration site server.

You can perform a site reset of a Configuration Manager primary site or central administration site, by starting Configuration Manager Setup on the Start menu of the site server computer or on the Configuration Manager source media.

To add support for a server language pack or client language pack to a site, run Configuration Manager Setup and select the languages to use. When you add server language packs to a site they are made available for Configuration Manager console installations and applicable site system roles. When you add client language packs to a site, Configuration Manager adds them to the client installation source files so that new client installations, or upgrades, can add support for the current list of client languages.

How to modify the languages packs at a site: To add or remove support for language packs at a previously installed site, run Setup from the Configuration Manager installation folder on the site server.

Use the following procedure to modify the language packs that a site supports after the site is installed.

On the site server, run Configuration Manager Setup from <Configuration Manager site installation folder>\BIN\X64\setup.exe.

On the Getting Started page, select Perform site maintenance or reset this Site, and then click Next.

On the Site Maintenance page, select Modify language configuration, and then click Next.

On the Prerequisites Downloads page, select Download required files to acquire updates to language packs, or select Use previously downloaded files to use previously downloaded files that include the language packs you want to add to the site. Click Next to validate the files and continue.

On the Server Language Selection page, select the check box for server languages this site supports, and then click Next.

On the Client Language Selection page, select the check box for client languages that this site supports, and then click Next.

Click Next, to modify language support at the site.

Note

Configuration Manager initiates a site reset which also reinstalls all site system roles at the site.

After you update the server language packs at a site, you can add support for the language packs to Configuration Manager consoles.

To add support for a server language pack to a Configuration Manager console, you must install the Configuration Manager console from the ConsoleSetup folder on a site server that includes the language pack that you want to use. If the Configuration Manager console is already installed, you must first uninstall it to enable the new installation to identify the current list of supported language packs.